1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
None. See documentation.
Following are some common errors to watch out for:
To use client-side session caching, you will have to apply the
patch in the patches/ subdirectory to Net::SSLeay, or download
the patched version at
http://www.fas.harvard.edu/~behrooz/Net_SSLeay.pm-1.26.tar.gz
---------------------
IO::Socket::SSL does not currently support using both IPv4 and IPv6 in
the same program. For a quick workaround, copy the module 'SSL.pm' to
another named 'SSL6.pm' and adjust the package declaration
accordingly. Support for this feature is planned in the next release.
---------------------
If you plan on having IO::Socket::SSL sockets auto-close themselves
when they go out of scope (like LWP::UserAgent expects), you will
need to get Scalar::Util or WeakRef from CPAN (Scalar::Util comes
standard with Perl 5.8.0 and above). This is because the self-tying
mechanism that IO::Socket::SSL uses to appear simultaneously as an
object and a glob reference only works if a circular reference is
used.
---------------------
Note that a random number generator is required for the proper
operation of this module. Systems that have /dev/random or
/dev/urandom are fine, but those that do not, like most versions
of Solaris, will need to fetch one before installing IO::Socket::SSL.
If you don't already have a favorite, try EGD (egd.sourceforge.net).
---------------------
Versions of perl-ldap below v0.26 do not work with this version
of IO::Socket::SSL because they contain a workaround for old
versions of IO::Socket::SSL that breaks new versions.
---------------------
Note that when writing a preforking server (a server that accepts a
connection and then hands it off to a child for processing), it is
best to handle SSL negotiation after the socket has been passed to
the child (using socket_to_SSL()). If implemented so that the server
handles negotiation, a failed negotiation may tie up the server until
the connection times out.
---------------------
One user mentioned that the following did not work as it should in
IO::Socket::SSL, but worked in IO::Socket::INET:
chomp($var = <$socket>);
print ord(chop($var)); # Prints "10" for people using ASCII
This is due to a bug in Perl that is fixed in 5.8.1. If you need
a workaround, try one of the following:
chomp($var = $socket->getline());
chomp($var = scalar <$socket>);
chomp($var = $var = <$socket>);
Any function that returns the value of <$socket> (in scalar context)
unchanged will work.
--
Peter Behroozi (behrooz at fas.harvard.edu)
|